<?php

if (!isset($_SESSION['logged']))
    print "<script language='javascript'>
        window.location.href='./?url=404';
        </script>";
else {
    $iduser = $_SESSION['id'];
    $title = $_POST['title'];
    $idtype = $_POST['type'];
    $description = $_POST['description'];

    $linkfile = $_POST['link'];
    if (($linkfile != "") && (substr($linkfile, 0, 4) != "http")) {
        $linkfile = "http://" . $linkfile;
    }

    $sql = "INSERT INTO `file` (`title`, `type_id`, `description`, `link`, `date_in`) VALUES ('$title', '$idtype', '$description', '$linkfile', CURDATE());";
    $result = mysql_query($sql, $link);
    $sql = "SELECT * FROM `file` WHERE `title` = '$title' AND `type_id` = '$idtype' AND `description` = '$description';";
    $result = mysql_query($sql, $link);
    $row = mysql_fetch_assoc($result);
    $idfile = $row['id'];
    $sql = "INSERT INTO `user_file` (`user_id`, `file_id`) VALUES ('$iduser', '$idfile');";
    $result = mysql_query($sql, $link);
    
    print "<script language='javascript'>
        window.location.href='./';
        </script>";
}
?>
